fix: correct latin1/ascii decoding and harden base64 bounds

The latin1/binary and ascii stringToBuffer paths operated on raw UTF-8
bytes instead of decoded code points, producing wrong output for chars
above 0x7F. Add proper UTF-8 decoding (decodeLatin1) so each code point
maps to a single byte, matching Node.js Buffer.from(str, 'latin1').

Also adds INT_MAX bounds checks before size_t→int casts in the base64
encode/decode paths, moves benchmark-only _old helpers out of the
package's public exports, and adds 28 encoding round-trip tests covering
hex, base64, base64url, utf-8, latin1, and ascii.

Author: boorad

example/src/benchmarks/encoding/encoding.ts

@@ -1,12 +1,23 @@
-import {
-  bufferToString,
-  stringToBuffer,
-  ab2str_old,
-  stringToBuffer_old,
-} from 'react-native-quick-crypto';
+import { bufferToString, stringToBuffer } from 'react-native-quick-crypto';
+import { Buffer as CraftzdogBuffer } from '@craftzdog/react-native-buffer';
 import type { BenchFn } from '../../types/benchmarks';
 import { Bench } from 'tinybench';
 
+function ab2str_old(buf: ArrayBuffer, encoding: string = 'hex'): string {
+  return CraftzdogBuffer.from(buf).toString(encoding);
+}
+
+function stringToBuffer_old(
+  input: string,
+  encoding: string = 'utf-8',
+): ArrayBuffer {
+  const buffer = CraftzdogBuffer.from(input, encoding);
+  return buffer.buffer.slice(
+    buffer.byteOffset,
+    buffer.byteOffset + buffer.byteLength,
+  );
+}
+
 // Generate test data
 const generate1MB = (): ArrayBuffer => {
   const bytes = new Uint8Array(1024 * 1024);

example/src/hooks/useTestsList.ts

@@ -44,6 +44,7 @@ import '../tests/subtle/supports';
 import '../tests/subtle/getPublicKey';
 import '../tests/subtle/wrap_unwrap';
 import '../tests/utils/utils_tests';
+import '../tests/utils/encoding_tests';
 import '../tests/x509/x509_tests';
 
 export const useTestsList = (): [

example/src/tests/utils/encoding_tests.ts

@@ -0,0 +1,219 @@
+import { bufferToString, stringToBuffer } from 'react-native-quick-crypto';
+import { expect } from 'chai';
+import { test } from '../util';
+
+const SUITE = 'utils';
+
+// --- Helper ---
+
+const toU8 = (ab: ArrayBuffer): Uint8Array => new Uint8Array(ab);
+
+// --- Hex ---
+
+test(SUITE, 'hex encode empty buffer', () => {
+  const ab = new ArrayBuffer(0);
+  expect(bufferToString(ab, 'hex')).to.equal('');
+});
+
+test(SUITE, 'hex decode empty string', () => {
+  expect(toU8(stringToBuffer('', 'hex'))).to.deep.equal(new Uint8Array([]));
+});
+
+test(SUITE, 'hex encode known bytes', () => {
+  const ab = new Uint8Array([0xde, 0xad, 0xbe, 0xef]).buffer as ArrayBuffer;
+  expect(bufferToString(ab, 'hex')).to.equal('deadbeef');
+});
+
+test(SUITE, 'hex decode known string', () => {
+  expect(toU8(stringToBuffer('deadbeef', 'hex'))).to.deep.equal(
+    new Uint8Array([0xde, 0xad, 0xbe, 0xef]),
+  );
+});
+
+test(SUITE, 'hex roundtrip all byte values', () => {
+  const bytes = new Uint8Array(256);
+  for (let i = 0; i < 256; i++) bytes[i] = i;
+  const ab = bytes.buffer as ArrayBuffer;
+  const hex = bufferToString(ab, 'hex');
+  expect(hex.length).to.equal(512);
+  expect(toU8(stringToBuffer(hex, 'hex'))).to.deep.equal(bytes);
+});
+
+test(SUITE, 'hex decode is case-insensitive', () => {
+  const lower = toU8(stringToBuffer('abcdef', 'hex'));
+  const upper = toU8(stringToBuffer('ABCDEF', 'hex'));
+  expect(lower).to.deep.equal(upper);
+});
+
+test(SUITE, 'hex decode rejects odd-length string', () => {
+  expect(() => stringToBuffer('abc', 'hex')).to.throw();
+});
+
+test(SUITE, 'hex decode rejects invalid characters', () => {
+  expect(() => stringToBuffer('zzzz', 'hex')).to.throw();
+});
+
+// --- Base64 ---
+
+test(SUITE, 'base64 encode empty buffer', () => {
+  const ab = new ArrayBuffer(0);
+  expect(bufferToString(ab, 'base64')).to.equal('');
+});
+
+test(SUITE, 'base64 decode empty string', () => {
+  expect(toU8(stringToBuffer('', 'base64'))).to.deep.equal(new Uint8Array([]));
+});
+
+test(SUITE, 'base64 encode/decode RFC 4648 test vectors', () => {
+  const vectors: [string, string][] = [
+    ['', ''],
+    ['f', 'Zg=='],
+    ['fo', 'Zm8='],
+    ['foo', 'Zm9v'],
+    ['foob', 'Zm9vYg=='],
+    ['fooba', 'Zm9vYmE='],
+    ['foobar', 'Zm9vYmFy'],
+  ];
+  for (const [plain, encoded] of vectors) {
+    const ab = new Uint8Array(plain.split('').map(c => c.charCodeAt(0)))
+      .buffer as ArrayBuffer;
+    expect(bufferToString(ab, 'base64')).to.equal(encoded);
+    expect(toU8(stringToBuffer(encoded, 'base64'))).to.deep.equal(
+      new Uint8Array(ab),
+    );
+  }
+});
+
+test(SUITE, 'base64 roundtrip binary data', () => {
+  const bytes = new Uint8Array([0, 1, 127, 128, 254, 255]);
+  const ab = bytes.buffer as ArrayBuffer;
+  const b64 = bufferToString(ab, 'base64');
+  expect(toU8(stringToBuffer(b64, 'base64'))).to.deep.equal(bytes);
+});
+
+// --- Base64url ---
+
+test(SUITE, 'base64url encode produces URL-safe characters', () => {
+  // Bytes that produce + and / in standard base64
+  const bytes = new Uint8Array([0xfb, 0xff, 0xfe]);
+  const ab = bytes.buffer as ArrayBuffer;
+  const result = bufferToString(ab, 'base64url');
+  expect(result).to.not.include('+');
+  expect(result).to.not.include('/');
+  expect(result).to.not.include('=');
+});
+
+test(SUITE, 'base64url roundtrip', () => {
+  const bytes = new Uint8Array([0xfb, 0xff, 0xfe, 0x00, 0x42]);
+  const ab = bytes.buffer as ArrayBuffer;
+  const encoded = bufferToString(ab, 'base64url');
+  expect(toU8(stringToBuffer(encoded, 'base64url'))).to.deep.equal(bytes);
+});
+
+// --- UTF-8 ---
+
+test(SUITE, 'utf8 encode/decode ASCII', () => {
+  const str = 'hello world';
+  const ab = stringToBuffer(str, 'utf-8');
+  expect(bufferToString(ab, 'utf-8')).to.equal(str);
+});
+
+test(SUITE, 'utf8 encode/decode multibyte', () => {
+  const str = '\u00e9\u00fc\u00f1'; // éüñ
+  const ab = stringToBuffer(str, 'utf-8');
+  expect(bufferToString(ab, 'utf-8')).to.equal(str);
+});
+
+test(SUITE, 'utf8 alias "utf8" works', () => {
+  const str = 'test';
+  const ab = stringToBuffer(str, 'utf8');
+  expect(bufferToString(ab, 'utf8')).to.equal(str);
+});
+
+// --- Latin1 / Binary ---
+
+test(
+  SUITE,
+  'latin1 encode: bytes 0x80-0xFF produce correct UTF-8 strings',
+  () => {
+    const bytes = new Uint8Array([0xe9, 0xfc, 0xf1]); // é, ü, ñ in Latin-1
+    const ab = bytes.buffer as ArrayBuffer;
+    const str = bufferToString(ab, 'latin1');
+    expect(str).to.equal('\u00e9\u00fc\u00f1');
+  },
+);
+
+test(
+  SUITE,
+  'latin1 decode: UTF-8 string maps each code point to one byte',
+  () => {
+    const str = '\u00e9\u00fc\u00f1'; // é, ü, ñ
+    const ab = stringToBuffer(str, 'latin1');
+    expect(toU8(ab)).to.deep.equal(new Uint8Array([0xe9, 0xfc, 0xf1]));
+  },
+);
+
+test(SUITE, 'latin1 roundtrip all byte values 0x00-0xFF', () => {
+  const bytes = new Uint8Array(256);
+  for (let i = 0; i < 256; i++) bytes[i] = i;
+  const ab = bytes.buffer as ArrayBuffer;
+  const str = bufferToString(ab, 'latin1');
+  const roundtripped = toU8(stringToBuffer(str, 'latin1'));
+  expect(roundtripped).to.deep.equal(bytes);
+});
+
+test(SUITE, 'binary is alias for latin1 (encode)', () => {
+  const bytes = new Uint8Array([0xca, 0xfe]);
+  const ab = bytes.buffer as ArrayBuffer;
+  expect(bufferToString(ab, 'binary')).to.equal(bufferToString(ab, 'latin1'));
+});
+
+test(SUITE, 'binary is alias for latin1 (decode)', () => {
+  const str = '\u00ca\u00fe';
+  expect(toU8(stringToBuffer(str, 'binary'))).to.deep.equal(
+    toU8(stringToBuffer(str, 'latin1')),
+  );
+});
+
+test(
+  SUITE,
+  'latin1 decode truncates code points above 0xFF to low byte',
+  () => {
+    // Node.js Buffer.from('\u0100', 'latin1') produces [0x00] (256 & 0xFF = 0)
+    const ab = stringToBuffer('\u0100', 'latin1');
+    expect(toU8(ab)).to.deep.equal(new Uint8Array([0x00]));
+  },
+);
+
+// --- ASCII ---
+
+test(SUITE, 'ascii encode strips high bit', () => {
+  const bytes = new Uint8Array([0x48, 0xc8]); // 'H', 0xC8
+  const ab = bytes.buffer as ArrayBuffer;
+  const str = bufferToString(ab, 'ascii');
+  expect(str.charCodeAt(0)).to.equal(0x48);
+  expect(str.charCodeAt(1)).to.equal(0x48); // 0xC8 & 0x7F = 0x48
+});
+
+test(SUITE, 'ascii decode strips high bit', () => {
+  const str = String.fromCharCode(0xc8); // above 0x7F
+  const ab = stringToBuffer(str, 'ascii');
+  expect(toU8(ab)[0]).to.equal(0x48); // 0xC8 & 0x7F = 0x48
+});
+
+test(SUITE, 'ascii roundtrip printable ASCII', () => {
+  const str = 'Hello, World! 123';
+  const ab = stringToBuffer(str, 'ascii');
+  expect(bufferToString(ab, 'ascii')).to.equal(str);
+});
+
+// --- Unsupported encoding ---
+
+test(SUITE, 'bufferToString throws for unsupported encoding', () => {
+  const ab = new ArrayBuffer(1);
+  expect(() => bufferToString(ab, 'ucs2')).to.throw();
+});
+
+test(SUITE, 'stringToBuffer throws for unsupported encoding', () => {
+  expect(() => stringToBuffer('test', 'ucs2')).to.throw();
+});

packages/react-native-quick-crypto/cpp/utils/HybridUtils.cpp

@@ -1,5 +1,6 @@
 #include "HybridUtils.hpp"
 
+#include <limits>
 #include <openssl/crypto.h>
 #include <openssl/evp.h>
 #include <stdexcept>
@@ -51,6 +52,9 @@ namespace {
   }
 
   std::string encodeBase64(const uint8_t* data, size_t len) {
+    if (len > static_cast<size_t>(std::numeric_limits<int>::max())) {
+      throw std::runtime_error("Input too large for base64 encoding");
+    }
     size_t encodedLen = ((len + 2) / 3) * 4;
     std::string result(encodedLen + 1, '\0');
     int written = EVP_EncodeBlock(reinterpret_cast<unsigned char*>(result.data()), data, static_cast<int>(len));
@@ -62,6 +66,9 @@ namespace {
   }
 
   std::vector<uint8_t> decodeBase64(const std::string& b64) {
+    if (b64.length() > static_cast<size_t>(std::numeric_limits<int>::max())) {
+      throw std::runtime_error("Input too large for base64 decoding");
+    }
     size_t maxLen = ((b64.length() + 3) / 4) * 3;
     std::vector<uint8_t> result(maxLen);
     int written = EVP_DecodeBlock(result.data(), reinterpret_cast<const unsigned char*>(b64.data()), static_cast<int>(b64.length()));
@@ -108,6 +115,35 @@ namespace {
     return decodeBase64(b64);
   }
 
+  std::vector<uint8_t> decodeLatin1(const std::string& str) {
+    std::vector<uint8_t> result;
+    result.reserve(str.size());
+    size_t i = 0;
+    while (i < str.size()) {
+      auto byte = static_cast<uint8_t>(str[i]);
+      uint32_t cp;
+      if (byte < 0x80) {
+        cp = byte;
+        i += 1;
+      } else if ((byte & 0xE0) == 0xC0 && i + 1 < str.size()) {
+        cp = ((byte & 0x1F) << 6) | (static_cast<uint8_t>(str[i + 1]) & 0x3F);
+        i += 2;
+      } else if ((byte & 0xF0) == 0xE0 && i + 2 < str.size()) {
+        cp = ((byte & 0x0F) << 12) | ((static_cast<uint8_t>(str[i + 1]) & 0x3F) << 6) | (static_cast<uint8_t>(str[i + 2]) & 0x3F);
+        i += 3;
+      } else if ((byte & 0xF8) == 0xF0 && i + 3 < str.size()) {
+        cp = ((byte & 0x07) << 18) | ((static_cast<uint8_t>(str[i + 1]) & 0x3F) << 12) | ((static_cast<uint8_t>(str[i + 2]) & 0x3F) << 6) |
+             (static_cast<uint8_t>(str[i + 3]) & 0x3F);
+        i += 4;
+      } else {
+        cp = byte;
+        i += 1;
+      }
+      result.push_back(static_cast<uint8_t>(cp & 0xFF));
+    }
+    return result;
+  }
+
   std::string encodeLatin1(const uint8_t* data, size_t len) {
     std::string result;
     result.reserve(len * 2);
@@ -183,14 +219,15 @@ std::shared_ptr<ArrayBuffer> HybridUtils::stringToBuffer(const std::string& str,
     return ToNativeArrayBuffer(str);
   }
   if (encoding == "latin1" || encoding == "binary") {
-    return ToNativeArrayBuffer(str);
+    auto decoded = decodeLatin1(str);
+    return ToNativeArrayBuffer(decoded);
   }
   if (encoding == "ascii") {
-    std::string ascii = str;
-    for (auto& c : ascii) {
-      c &= 0x7F;
+    auto decoded = decodeLatin1(str);
+    for (auto& b : decoded) {
+      b &= 0x7F;
     }
-    return ToNativeArrayBuffer(ascii);
+    return ToNativeArrayBuffer(decoded);
   }
   throw std::runtime_error("Unsupported encoding: " + encoding);
 }

packages/react-native-quick-crypto/src/utils/conversion.ts

@@ -189,23 +189,6 @@ export function stringToBuffer(
   return utils.stringToBuffer(str, encoding);
 }
 
-/** Old Buffer-polyfill implementation — kept for benchmarking comparison */
-export function ab2str_old(buf: ArrayBuffer, encoding: string = 'hex'): string {
-  return CraftzdogBuffer.from(buf).toString(encoding);
-}
-
-/** Old Buffer-polyfill implementation — kept for benchmarking comparison */
-export function stringToBuffer_old(
-  input: string,
-  encoding: string = 'utf-8',
-): ArrayBuffer {
-  const buffer = CraftzdogBuffer.from(input, encoding);
-  return buffer.buffer.slice(
-    buffer.byteOffset,
-    buffer.byteOffset + buffer.byteLength,
-  );
-}
-
 export const kEmptyObject = Object.freeze(Object.create(null));
 
 export * from './noble';